IPO Communications

Publisher Information

IPO Communications is a software publisher located in Yeongdeungpo-gu, Seoul in Korea*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. There is one additional code signing certificate issued to this publisher.
Authority:
COMODO CA Limited

Valid from:
6/29/2012 9:00:00 AM

Valid to:
6/30/2013 8:59:59 AM

Subject:
CN=IPO Communications, O=IPO Communications, STREET="504 Freebero Officetel,15-14 Yeouido-dong", L=Yeongdeungpo-gu, S=Seoul, PostalCode=150010, C=KR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
073d112e1d1fee4840abce47aab412ae

Scanner detections:
Detections  (67% detected)

Scan engine
Details
Detections

Kingsoft AntiVirus
Win32.Troj.Generic.(kcloud), Win32.Troj.Generic.a.(kcloud)
70.59%

ESET NOD32
Win32/Adware.Kraddare.FN, Win32/Adware.Kraddare.FN (variant), Win32/Adware.Kraddare.DB (variant), Win32/Adware.SmartPop (variant)
70.59%

Malwarebytes
Adware.KorAd, Adware.SmartPop, Adware.SmartPops
70.59%

AhnLab V3 Security
PUP/Win32.NateFinder, PUP/Win32.WindowsBooster, Win-PUP/Security.WindowsBooster.575656.B, PUP/Win32.SmartPop
64.71%

AVG
Skodna.Generic, Fake_AntiSpyware, Generic5, Adware Generic5.MAP
64.71%

Comodo Security
ApplicUnwnt, UnclassifiedMalware
64.71%

Dr.Web
BackDoor.Ghost.176, DLOADER.Trojan, Adware.SmartPops.4, BackDoor.Ghost.190, Trojan.Adkor.357
58.82%

Vba32 AntiVirus
BScope.Trojan.Banker, suspected of Trojan.Downloader.gen.h
47.06%

McAfee
Artemis!AB153803DB50, Artemis!BFDFDBBD720C, Artemis!0BF40CA9E26B, Artemis!90A1F03C470F, Artemis!2286B65BB86C, Artemis!15DC16A8BC7A
41.18%

avast!
Win32:Delf-QDM [Trj], Win32:PUP-gen [PUP], Win32:Delf-THU [PUP], Win32:GenMaliciousA-NJM [Adw], Win32:Adware-gen [Adw]
41.18%

1 / 68      (inconclusive)
winbstrramt.exe  (692bf83a1fa43d88102127e00a17354b)

0 / 68
wbupdate.exe  (c0718ca071461bbfd9fc3e1edafd1158)

4 / 68      (PUP)
wbuninstall.exe (by IPO Communications)  (02a8b50c38be9ba6dc4beb9ed2abb2c1)

28 / 68    (PUP)
smartpopupt.exe (SmartPop)  (17b4199058290c4983e94bcca612dbfe)

15 / 68    (PUP)
smartpopsvc.exe (SmartPop)  (15dc16a8bc7a0188cf76320a4e32a9a1)

8 / 68      (PUP)
SmartPop.dll (by IPO Communication)  (6c435dc0596aab37eaecc4faeb145f49)

12 / 68    (PUP)

17 / 68    (PUP)

2 / 68
winbstrramt.exe  (0e96bd06882b65c9c500cdf4094ba14b)

7 / 68      (PUP)
windowsbooster.exe  (fa10c047a3f747b7988bb666e9748261)

14 / 68    (PUP)

3 / 68      (inconclusive)
winbstrramt.exe  (418d8affeaa0950fa47b9e0fea105c72)

15 / 68    (PUP)
smartpopsvc.exe (SmartPop)  (7b1b7ef875909469b8707501b511c3af)

14 / 68    (PUP)
smartpopupt.exe (SmartPop)  (6d9c80dbea8732e9c75e12f3f018a2e6)

4 / 68      (inconclusive)
winbstrramt.exe  (ba6f85fa351dd47812bd983af968f648)

4 / 68      (inconclusive)
windowsbooster.exe  (fc071b06023987605d50fc8fe65e23d9)

11 / 68    (PUP)

13 / 68    (PUP)

The following certificate is also signed by IPO Communications.

0088F64B273D75C49A4FFFA278DDD009F4  (Jul 07, 2011 to Jul 07, 2012)

* Note, the details and description above are based on the code signing digital signature issued to IPO Communications by COMODO CA Limited on June 29, 2012 with the serial number '073d112e1d1fee4840abce47aab412ae'.